I hereby claim:
- I am jeanqasaur on github.
- I am jeanqasaur (https://keybase.io/jeanqasaur) on keybase.
- I have a public key whose fingerprint is FDD9 E9A0 695F CAA4 3F78 C99B 80ED 8A7A 6F7B 2CC2
To claim this, I am signing this object:
Jean Yang jeanqasaur
jeanqasaur
/ keybase.md
Created
April 8, 2018 02:05
jeanqasaur
/ gist:12f4f7f59dc193f1f58a44aa6a694de4
Created
September 22, 2020 06:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Hello world |
jeanqasaur
/ harclient_sample.py
Created
April 14, 2021 18:20
Code sample for Akita Flask blog post: HarClient class definition
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class HarClient(FlaskClient): | |
| def __init__(self, *args | |
| , har_file_path=f'akita_trace_{time.time()}.har' | |
| , **kwargs): | |
| self.har_writer = HarWriter(har_file_path, 'w') | |
| self.url_prefix = "" | |
| super().__init__(*args, **kwargs) |
jeanqasaur
/ harclient_open.py
Created
April 14, 2021 18:24
Code sample for Akita Flask blog post: HarClient class definition
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def open(self, *args, **kwargs): | |
| start = datetime.now(timezone.utc) | |
| resp: Response = super().open(*args, **kwargs) | |
| self.har_writer.write_entry( | |
| self._create_har_entry(start, args, kwargs, resp)) | |
| return resp |
jeanqasaur
/ newTCPStream.go
Last active
May 4, 2021 04:37
Function for creating new tcpStream struct
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func newTCPStream(clock clockWrapper, netFlow gopacket.Flow, | |
| outChan chan<- akinet.ParsedNetworkTraffic, | |
| fs akinet.TCPParserFactorySelector) *tcpStream { | |
| return &tcpStream{ | |
| clock: clock, | |
| bidiID: akinet.TCPBidiID(uuid.New()), | |
| netFlow: netFlow, | |
| factorySelector: fs, | |
| outChan: outChan, | |
| } |
jeanqasaur
/ sampleStreamFactory.go
Created
April 26, 2021 23:48
How we implement the StreamFactory interface at Akita
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func (fact *tcpStreamFactory) New(netFlow, tcpFlow gopacket.Flow, _ *layers.TCP, _ reassembly.AssemblerContext) reassembly.Stream { | |
| return newTCPStream(fact.clock, netFlow, fact.outChan, fact.fs) | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tcpdump -i lo -w lo.pcap |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "github.com/google/gopacket" | |
| _ "github.com/google/gopacket/layers" | |
| "github.com/google/gopacket/pcap" | |
| ) | |
| const ( |
jeanqasaur
/ stream_example.go
Last active
April 27, 2021 04:39
Example implementation of the Stream interface for packet processing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // tcpStream represents a pair of uni-directional tcpFlows. It | |
| // implements reassembly.Stream interface to receive reassembled | |
| // packets for BOTH flows, which it then directs to the correct | |
| // tcpFlow. | |
| type tcpStream struct { | |
| clock clockWrapper // constant | |
| bidiID akinet.TCPBidiID // constant | |
| // Network layer flow. | |
| netFlow gopacket.Flow |
jeanqasaur
/ parsing_example.go
Last active
May 4, 2021 04:42
Example of using StreamFactory, StreamPool, and Assembler for TCP packet parsing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func (p *NetworkTrafficParser) ParseFromInterface( | |
| interfaceName, bpfFilter string, signalClose <-chan struct{}, | |
| fs ...akinet.TCPParserFactory) | |
| (<-chan akinet.ParsedNetworkTraffic, error) { | |
| // Read in packets, pass to assembler | |
| packets, err := p.pcap.capturePackets(signalClose, | |
| interfaceName, | |
| bpfFilter) | |
| if err != nil { | |
| return nil, errors.Wrapf( |
OlderNewer